Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

631 advisories

Loading
In KDE Trojita 0.7, an attacker in possession of S/MIME or PGP encrypted emails can wrap them as... Moderate Unreviewed
CVE-2019-10734 was published May 13, 2022
Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic... Critical Unreviewed
CVE-2022-33321 was published Nov 9, 2022
Concrete CMS vulnerable to Cleartext Transmission of Sensitive Information Moderate
CVE-2022-43691 was published for concrete5/concrete5 (Composer) Nov 15, 2022
Remote Code Execution and download tracking in Mintegral SDK Moderate
CVE-2020-7744 was published for com.mintegral.msdk:alphab (Maven) Apr 22, 2021
IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2018-1454 was published May 13, 2022
The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network traffic from clients (such... Moderate Unreviewed
CVE-2018-16225 was published May 13, 2022
IBM i2 Enterprise Insight Analysis 2.1.7 could allow a remote attacker to obtain sensitive... Moderate Unreviewed
CVE-2018-1525 was published May 13, 2022
Source code is downloaded over cleartext HTTP in portaudio Moderate
CVE-2016-10933 was published for portaudio (Rust) Aug 25, 2021
IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition could allow highly sensitive... Moderate Unreviewed
CVE-2019-4063 was published May 13, 2022
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local... Moderate Unreviewed
CVE-2019-5489 was published May 13, 2022
The ksmbd server through 3.4.2, as used in the Linux kernel through 5.15.8, sometimes... High Unreviewed
CVE-2021-45100 was published Dec 17, 2021
An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. The default management application... High Unreviewed
CVE-2019-7675 was published May 13, 2022
translate/translate_manager.cc in Google Chrome before 17.0.963.56 and 19.x before 19.0.1036.7... Moderate Unreviewed
CVE-2011-3022 was published May 13, 2022
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software transmits... High Unreviewed
CVE-2018-8842 was published May 13, 2022
IBM BigFix Platform 9.2 and 9.5 transmits sensitive or security-critical data in clear text in a... High Unreviewed
CVE-2018-1600 was published May 13, 2022
The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App transmit sensitive or... Moderate Unreviewed
CVE-2018-5401 was published May 13, 2022
Web Based Quiz System v1.0 transmits user passwords in plaintext during the authentication... High Unreviewed
CVE-2022-44411 was published Nov 25, 2022
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON... Critical Unreviewed
CVE-2018-8855 was published May 13, 2022
The affected ThroughTek P2P products (SDKs using versions before 3.1.5, any versions with nossl... High Unreviewed
CVE-2021-32934 was published May 20, 2022
A Cleartext Transmission of Sensitive Information issue was discovered in Belden Hirschmann RS,... Moderate Unreviewed
CVE-2018-5471 was published May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an... Moderate Unreviewed
CVE-2018-0283 was published May 13, 2022
A vulnerability in the detection engine of Cisco Firepower System Software could allow an... Moderate Unreviewed
CVE-2018-0281 was published May 13, 2022
Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insufficiently protected credential... High Unreviewed
CVE-2017-0925 was published May 13, 2022
Abbott Laboratories Accent and Anthem pacemakers manufactured prior to Aug 28, 2017 transmit... Moderate Unreviewed
CVE-2017-12716 was published May 13, 2022
A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an... High Unreviewed
CVE-2017-12310 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database